Cisco Application Control Engine up to 4700 A5 3.0 CLI File privilege escalation : 8/27/2015 12:48:04 PM
 | Communicate with co-workers in real time. Used by Netflix, Dropbox & Salesforce. $0/unlimited users. Get started >> From our sponsors  |
| Vulnerability Advisories |
| Vulnerabilities of scip VulDB |
Cisco Application Control Engine up to 4700 A5 3.0 CLI File privilege escalation
8/26/2015 7:00:00 PM
General
scipID: 77465
Affected: Cisco Application Control Engine up to 4700 A5 3.0
Published: 08/27/2015
Risk: problematic
Created: 08/27/2015
Entry: 67.3% complete
Summary
A vulnerability, which was classified as problematic, has been found in Cisco Application Control Engine up to 4700 A5 3.0. This issue affects an unknown function of the component CLI. The manipulation as part of a File leads to a privilege escalation vulnerability. Impacted is confidentiality, integrity, and availability.
The weakness was published 08/27/2015 as CSCur23662 as confirmed advisory (Website). The identification of this vulnerability is CVE-2015-6265. An attack has to be approached locally. Neither technical details nor an exploit are publicly available.
There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.
CVSS
Base Score: 4.1 (CVSS2#AV:L/AC:M/Au:S/C:P/I:P/A:P) [?]
Temp Score: 4.1 (CVSS2#E:ND/RL:ND/RC:C) [?]
CPE
Exploiting
Class: Privilege escalation
Local: Yes
Remote: No
Availability: No
Countermeasures
Recommended: no mitigation known
0-Day Time: 0 days since found
Timeline
08/27/2015 | Advisory disclosed
08/27/2015 | VulDB entry created
08/27/2015 | VulDB entry updated
Sources
Advisory: CSCur23662
Status: Confirmed
CVE: CVE-2015-6265 (mitre.org) (nvd.nist.org) (cvedetails.com)
You are receiving this email because you subscribed to this feed at feedmyinbox.com
If you no longer wish to receive these emails, you can unsubscribe from this feed, or manage all your subscriptions
